This report examines the subject of advanced cyber analytics. It makes the case for states to invest in such capabilities and maintain ongoing maturity in advanced analytics. All organizations, including state government must also develop and maintain response capabilities that continuously mature in sophistication in order to keep pace with an ever changing threat landscape. State government remains in a defensive position. With the advent of multi-vector strategies by cyber criminals, state government now more than ever needs the ability to correlate disparate data sources generated from the myriad of security tools agencies have already invested in. Examples of advanced analytics tools are provided. The report includes a call to action list, a checklist, key questions, and recommendations.

This webinar presents a discussion on how government can improve its effectiveness through better collaboration and information sharing. Examples of intergovernmental collaborative projects are presented by state and local government recipients of the Best of NIEM awards.

State government must
now view cyber attacks that are more than cyber incidents. We must prepare for larger magnitude
events. These can be termed cyber
disruptions, disasters or even catastrophes.
This publication includes the following:

A call to action
for states to develop state cyber disruption response plans that include: a
governance structure that clearly designates who is in charge in a given event
or phase of an event; development of a risk profile for state assets;
collaboration among the various agencies that have cyber responsibility; and a
communication plan to ensure the right people have the right information as
early as possible so they can response effectively.

A checklist for
states to work with in developing progress toward a cyber disruption response
operating discipline.

A cross
functional process description that can be used as a starting point for states
to develop their own unique cross functional process for orchestrated planning
and response at various threat levels.

The state information technology (IT) community has long called for
improvements in IT procurement processes and practices and state chief
information officers (CIOs) are consistently dissatisfied with the state
IT procurement process. In the 2015 state CIO survey, The Value
Equation, roughly one half (47%) of state CIOs expressed negative
outlooks on IT procurement processes.Because of this consistent level of
dissatisfaction, NASCIO is advocating for procurement reform by issuing
a call to action to states.

NASCIO's 2004 publication NASCIO on Unlimited Liability - Gaining
Traction on the Road to "Win-Win" recommended changes to the state IT
procurement policy regarding limitations on liability. This infographic
indicates, as of December 2015, which states have have limitations on
liability in
statute, which states have none, and which states are able to negotiate
limitations on a case by case basis. To update your state's information, please contact Meredith Ward at [email protected]

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

This report presents the case for investing in data management. It presents in simple terms WHY data and information must be properly managed. The report presents basic rationale for investing in the development of a formal data management program. This report is the first in a series of reports that will deal with WHY is data management important; HOW does state government get started; Legal aspects of data management.

Moving Forward: Leadership Toolkit for State CISOs includes state CISO critical leadership traits, how state CISOs and private sector CISOs differ and the tenure of state CISOs. This publication examines survey responses, gives “advice from the trenches” and details other critical success factors for state CISOs.